Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Hello there,we use some cisco 2811 router and I have to block some url sites.Is it possible to do this with the cisco 2811 router - and how can I do it?Thank you for your help!Michael
Dears,I need to renew the the below features on the following ASA (ASA5510-CSC10-K9), but I need the excat part number, please advice.1- 50-user antivirus/anti-spyware license with 1-year subscription service.2- URL filtering, content filtering, anti...
hi, i have a request of providing access for any inside user in pix. So that they can access the public ip 79.125.x.x to the port 3128 or 8080 0r 443 or 80. Although in pix from inside to outside all are accessible.Below is the configuration we have ...
Hi folksI got a question today that left we thinking and no answer.Can I, on an IPS 7.x, create a rule that compares data in a HTTP flow?Example: User send a login request in clear text but the server responds with a different account. A custom packe...
Hi halijenn / pkampana / allWe are having ASA 8.0(5) .The issue is that there is a Web filtering appliance that is in inside interface (sec-level 100), IP 172.16.10.24 and the user is on DMZ interface (sec-level 50) , IP 172.16.14.6. The appliance h...
I have a pair of 5520s with the LAN/STATE interface on a Gi0/2. Some hoser configured the interfaces as 100/full and connected them to 100/full 100M switchports. You evidently can't change the ASA interfaces with failover enabled. Is there an easy wa...
Hi,I have a standby firewall which is not connected in live network as if now only Primary ASA is live,i have just installed once secondary ASA for failover testing and it working fine,QuestionAs if now the secondary firewall is out of network (on my...
Hello:I am replacing my PIX with a new ASA. I decided to upgrade the IOS to the latest version 8.3. NAT was one of the things which was completely redesigned. On my old PIX I had the below command. This allowed hosts on my private network to acce...
Dear All,Our audit team has identified som vulnerbilities, which i am not able to understand.. need help if their queries are correct and these unwanted services can be blocked on ASA.Queries:The presence of the URI 'cart32.exe' has been discovered o...
Dear All,I want to upgrade NAC Appliance from 4.6(1) to 4.7(2). Just want to check if i need any licences for this upgrade.Also need procedure to upgrade from 4.6(1) to 4.7(2).RegardsAmar
Hello:I am redesigning my ACL's. I have a dumb question for the "outside_access_in" ACL. This ACL controls traffic from the outside in. Servers which are in my DMZ are on a private range and the ASA is doing a static NAT for them. As I create the...
Hi Guys I have an ASA 5510 running 8.0 code.I was experiencing slower throughput then normal and decided to do some testing on the firewall.I had a redundant interface for the inside of the firewall with ports e0/2 and e0/3. both configures to 100/FU...
Please help me understand the asterix (*) symbol seen in below rule (highlighted) besides the hitcnt keyword.access-list server_input_in line 34 extended permit tcp host 192.168.100.1 host 192.168.300.4 eq ssh (hitcnt=*)Hitcnt should show certain num...
